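#!/bin/bash
#############################################################################
# Creates a skeleton LDAP directory (OpenLDAP + Samba domain controller)
# ready for students and staff to be added, then imports the users listed
# in <workgroup>.csv (fields: first,last,year,password,login) found in the
# current directory.
#
# The script rewrites slapd.conf, smb.conf, the smbldap-tools configuration,
# /etc/ldap.conf and /etc/ldap.secret, and it DELETES the existing database
# files under /var/lib/ldap. Older configuration files are kept with a
# .MMDDYY suffix.
#
# Security notes for whoever runs or maintains this:
#   * The administrative password is still passed to ldapadd/ldapmodify/
#     ldapsearch with -w and to smbpasswd -w, so it is visible in the
#     process list while those commands run. Run this on a host without
#     untrusted local users.
#   * Every imported account receives the same fixed password hashes (see
#     the import loop); force a password change before handing accounts out.
#   * smb.conf below defines guest-writable shares ([Print$], [LexiaPBR]);
#     review them before exposing the server to a wider network.
#
# This script uses bash features (read -s, arithmetic for-loops, arrays),
# hence the bash shebang.
#############################################################################
#Don't forget to simlink Crypt/SmbHash.pm cause the rpm installs to wrong place
#diradmin-1.5.1-3.rhel3.dag.i386.rpm
#ldap-account-manager_0.4.6.tar.gz
#ldap-scripts-0.0.3-k12ltsp.1.3.1.noarch.rpm
#perl-Convert-ASN1-0.17-0.dag.rhel3.noarch.rpm
#perl-Convert-BER-1.31.01-1.rhel3.dag.noarch.rpm
#perl-Crypt-SmbHash-0.02-1.0.el2.dag.noarch.rpm
#perl-Data-Dump-1.03-1.1.el3.dag.noarch.rpm
#perl-IO-Socket-SSL-0.94-0.dag.rhel3.noarch.rpm
#perl-Jcode-0.83-0.rhel3.dag.i386.rpm
#perl-MD5-2.03-1.1.el3.dag.noarch.rpm
#perl-Net-LDAP-0.2701-1.dag.rhel3.noarch.rpm
#perl-Net-SSLeay-1.25-0.1.el3.dag.i386.rpm
#perl-Unicode-Map-0.112-0.rhel3.dag.i386.rpm
#perl-Unicode-Map8-0.12-0.rhel3.dag.i386.rpm
#perl-Unicode-MapUTF8-1.09-0.rhel3.dag.i386.rpm
#perl-Unicode-String-2.07-0.rhel3.dag.i386.rpm
#perl-XML-SAX-Base-1.04-0.dag.rhel3.noarch.rpm
#smbldap-tools-0.8.7-2.noarch.rpm-look in /usr/sbin for exec->

echo " step #1, configs and sanity checks"

# a couple of configuration items
LDIFDIR=/root/ldifs
SLAPDCONF=/etc/openldap/slapd.conf
MIGRATEDIR=/usr/share/openldap/migration/
FILENAME=$(date '+%m%d%y')
BINDCONF=/etc/smbldap-tools/smbldap_bind.conf
# Student graduation years for which OUs and groups are created.
FIRST_YEAR=2005
LAST_YEAR=2016

# Print a message on stderr and stop with a failure status.
die() {
  printf '\n%s\n\n' "$*" >&2
  exit 1
}

# Abort unless the file test $1 (-d, -x, ...) holds for path $2.
check() {
  if [ ! "$1" "$2" ]; then
    die "$2 was not found, aborting"
  fi
}

# Abort unless command $1 can be found in PATH.
check_cmd() {
  command -v "$1" >/dev/null 2>&1 || die "$1 was not found, aborting"
}

# Succeed when $1 is one of the student years FIRST_YEAR..LAST_YEAR.
# String comparison is used so that odd input never reaches arithmetic.
is_student_year() {
  local y
  for ((y = FIRST_YEAR; y <= LAST_YEAR; y++)); do
    [ "$1" = "$y" ] && return 0
  done
  return 1
}

# Emit an organizationalUnit entry named $1 directly below DN $2.
ou_entry() {
  echo "dn: ou=$1,$2"
  echo "objectclass: top"
  echo "objectclass: organizationalUnit"
  echo "ou: $1"
  echo
}

# Emit a posixGroup entry named $1 with gidNumber $2 below ou=Group.
posix_group() {
  echo "dn: cn=$1,ou=Group,$suffix"
  echo "objectClass: posixGroup"
  echo "cn: $1"
  echo "gidNumber: $2"
  echo
}

# a couple of sanity checks
mkdir -p "$LDIFDIR"
# The LDIFs written here contain password hashes; keep them root-only.
chmod 700 "$LDIFDIR"
mkdir -p /opt/samba/profiles
mkdir -p /etc/samba/printer
#rm /etc/samba/smbusers
touch /etc/samba/smb.conf
# Was "chmod 777 -R": that made every existing profile world-writable.
# Sticky + writable lets users create their own profile directory without
# being able to remove or replace somebody else's.
chmod 1777 /opt/samba/profiles
mkdir -p /opt/samba/netlogon
# Was "chmod 777 -R": logon scripts are executed by every client, so only
# root may write here.
chmod 755 /opt/samba/netlogon
cp /usr/share/doc/samba-3.0.6/LDAP/samba.schema /etc/openldap/schema
mkdir -p /Lexia
###################################
if [ ! -d "$LDIFDIR" ]; then
  die "$LDIFDIR does not exist, aborting"
fi
touch "$SLAPDCONF"
if [ ! -w "$SLAPDCONF" ]; then
  die "Can't write to $SLAPDCONF, aborting"
fi
VERSION=$(rpm -q openldap-servers | cut -d'-' -f3 | cut -d'.' -f1,2)
if [ "${VERSION%%.*}" != "2" ]; then
  die "This script requires OpenLDAP version 2.x"
fi
if [ ! -f "$MIGRATEDIR/migrate_common.ph" ]; then
  die "LDAP Migrate scripts are missing, aborting"
fi

check -d /etc/openldap/schema
check -d /var/lib/ldap
check -x /sbin/service
check -x /sbin/chkconfig
check_cmd perl
check_cmd authconfig
check_cmd slappasswd
#force debugging by syslog
#echo "local4.debug /var/log/ldap">/etc/syslog.conf

#############################################################################
# step #2, read the settings that go into slapd.conf
#############################################################################
# read in the domain name, defaulting to the server's domain name
defaultdm=$(hostname | cut -d'.' -f2-)
while :; do
  echo -n "domain name: [$defaultdm] "
  read -r domain || die "no input, aborting"
  if [ -z "$domain" ]; then
    domain=$defaultdm
  fi
  # The domain ends up in DNs and in several config files, so only accept
  # plain DNS labels separated by single dots.
  case "$domain" in
    "" | .* | *. | *..* | *[!A-Za-z0-9.-]*)
      echo "domain name may only contain letters, digits, '-' and single dots"
      ;;
    *) break ;;
  esac
done

#read in netbiosname#############
while :; do
  echo -n "Enter the name you'd like Winblows to see.(netbiosname)->"
  read -r netbiosname || die "no input, aborting"
  # NetBIOS names are at most 15 characters; the value is written verbatim
  # into smb.conf and smbldap.conf.
  case "$netbiosname" in
    "" | *[!A-Za-z0-9-]*)
      echo "netbios name may only contain letters, digits and '-'"
      ;;
    *)
      if [ "${#netbiosname}" -le 15 ]; then
        break
      fi
      echo "netbios name must not be longer than 15 characters"
      ;;
  esac
done
echo "$netbiosname"

##################################
echo " Step #3 read in the administrative password"
while :; do
  echo -n "password: "
  IFS= read -rs pw || die "no input, aborting"
  echo
  echo -n "verify: "
  IFS= read -rs pw2 || die "no input, aborting"
  echo
  if [ "${#pw}" -lt 5 ]; then
    echo
    echo "password should have more than four characters!"
    echo
    continue
  fi
  # The password is written between double quotes into smbldap_bind.conf;
  # presumably a quote or backslash would corrupt that file, so refuse them.
  case "$pw" in
    *\"* | *\\*)
      echo
      echo "password must not contain double quotes or backslashes"
      echo
      continue
      ;;
  esac
  if [ "$pw" = "$pw2" ]; then
    break
  fi
  echo
  echo "passwords did not match, please try again"
  echo
done
unset pw2

# Hash the root password for slapd.conf. The previous version interpolated
# the password into a perl one-liner (broken for most passwords, and a code
# injection path) and then wrote the plaintext password as rootpw anyway.
passwd=$(slappasswd -h '{SSHA}' -s "$pw")
case "$passwd" in
  "{SSHA}"?*) ;;
  *) die "could not hash the administrative password, aborting" ;;
esac

# convert the domain name into the LDAP suffix (a.b.c -> dc=a,dc=b,dc=c)
suffix=""
rest=$domain
while [ -n "$rest" ]; do
  DC=${rest%%.*}
  case "$rest" in
    *.*) rest=${rest#*.} ;;
    *) rest="" ;;
  esac
  if [ -n "$DC" ]; then
    suffix=${suffix:+$suffix,}dc=$DC
  fi
done
dn="cn=root,$suffix"
shortened=${domain%%.*}
CSVFILE="$shortened.csv"

# Check for the user list before anything destructive happens; the import
# at the end of the script cannot work without it.
if [ ! -r "$CSVFILE" ]; then
  die "$CSVFILE was not found in the current directory, aborting"
fi

##########
echo
echo "here is domain name-> $domain"
echo
# The password itself is no longer echoed back to the terminal.
echo "here is ldap password-> (hidden, ${#pw} characters)"
echo
echo "here is ldap suffix-> $dn"
echo
echo "here is the date-> $FILENAME"
echo
echo "here is the workgroup name-> $shortened"
echo
echo "here is the netbiosname-> $netbiosname"
echo
echo "Does everything ok (yes/no)"
read -r answer && echo "$answer"
if [ "$answer" != "yes" ]; then
  exit
fi
echo "continuing"

#####################################################################
echo "Step 3: Create slapd.conf"
# make a backup of the slapd.conf file
if [ -f "$SLAPDCONF" ]; then
  mv -f "$SLAPDCONF" "$SLAPDCONF.$FILENAME"
fi
old_umask=$(umask)
umask 077
echo > "$SLAPDCONF"
umask "$old_umask"
# NOTE(review): assumes slapd runs with group "ldap" (Red Hat packaging);
# confirm for this host. Without that group the file stays root-only.
if chgrp ldap "$SLAPDCONF" 2>/dev/null; then
  chmod 640 "$SLAPDCONF"
else
  echo "warning: group ldap not found, $SLAPDCONF left readable by root only" >&2
fi

# schemas
SCHEMAS="core cosine inetorgperson nis rfc822-MailMember redhat/autofs redhat/kerberosobject samba redhat/rfc822-MailMember corba java openldap"
for s in $SCHEMAS; do
  if [ -f "/etc/openldap/schema/$s.schema" ]; then
    echo "include /etc/openldap/schema/$s.schema" >> "$SLAPDCONF"
  fi
done

#
# SSL support?
if [ -f /usr/share/ssl/certs/slapd.pem ]; then
  echo "TLSCertificateFile /usr/share/ssl/certs/slapd.pem" >> "$SLAPDCONF"
  echo "TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem" >> "$SLAPDCONF"
fi

#
# database definition
{
  # loglevel used to be written with a leading space right after the
  # "database" line; slapd.conf treats such a line as a continuation of
  # the previous one, so it is emitted as its own global directive here.
  echo "loglevel 256"
  echo
  # NOTE(review): bdb for 2.0 and ldbm otherwise looks inverted - confirm
  # which backend each OpenLDAP version on your systems provides.
  if [ "$VERSION" = "2.0" ]; then
    echo "database bdb"
  else
    echo "database ldbm"
  fi
  echo "suffix $suffix"
  echo "rootdn $dn"
  # Store the salted hash, never the plaintext password.
  echo "rootpw $passwd"
  echo "dbsync 2 12 5"
  echo "directory /var/lib/ldap"
} >> "$SLAPDCONF"

#
# indices, acls ("by" lines must stay indented: they continue the
# preceding "access to" line)
cat << EOF >> "$SLAPDCONF"
index default eq,pres
index objectClass,uidNumber,gidNumber eq,pres
index memberUid,mail,cn,ou,o,sn,uid,givenname eq,pres,sub,subinitial
access to attr=userpassword,sambantpassword,sambalmpassword
    by * auth
    by * none
access to dn=".*"
    by self write
    by * read
    by * auth
EOF

# enable the backend monitor if it's version 2.1
#if [ "$VERSION" == "2.1" ]; then
# ( echo
#   echo "database monitor"
#   echo "access to dn=\".*\""
#   echo " by dn=\"$dn\" read"
#   echo " by * none"
#   echo ) >> $SLAPDCONF
#fi
#end slapd.conf

#############################################################################
echo " step #4, fire up slapd"
/sbin/service ldap stop &> /dev/null
# Wipes the existing directory database; the operator confirmed above.
rm -f /var/lib/ldap/* &> /dev/null
broken=""
/sbin/service ldap start || broken=1
if [ -n "$broken" ]; then
  echo
  echo "Doh! something went wrong and OpenLDAP won't start"
  echo
  echo "take a look at /var/log/boot.log, /var/log/messages, and"
  echo "/var/log/secure to see what broke"
  echo
fi
/sbin/chkconfig ldap on

#################################################################
# copy the samba schema to /etc/openldap/schema/
echo "THIS ASSUMES samba.schema exists in /etc/openldap/schema"
echo "Step 5:Build an smb.conf and save the old"
cp /etc/samba/smb.conf "/etc/samba/smb.conf.$FILENAME"
# NOTE(review): [Print$] and [LexiaPBR] below allow guest write access, and
# "ldap ssl = off" sends the admin bind in clear text (loopback only here).
# NOTE(review): the group scripts have no space between "%u" and "%g";
# left exactly as found - verify against the smbldap-tools documentation.
cat <<EOF >/etc/samba/smb.conf
######################
[global]
workgroup = $shortened
netbios name = $netbiosname
username map=/etc/samba/smbusers
server string=Samba Server %v
security=user
encrypt passwords=yes
obey pam restrictions= no
log level=0
syslog=0
log file = /var/log/samba/%m.log
max log size = 100000
load printers = yes
time server=yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method=hash2
Dos charset=850
Unix charset=ISO8859-1
logon script=startup.bat
logon drive=F:
logon home=
logon path=
domain logons=yes
os level=65
preferred master=yes
domain master=yes
wins support=yes
############################################
passdb backend=ldapsam:ldap://127.0.0.1
ldap ssl = off
ldap admin dn = cn=root,$suffix
ldap suffix = $suffix
ldap group suffix = ou=Group
ldap user suffix = ou=People
ldap machine suffix = ou=People
ldap idmap suffix = ou=People
add user script= /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn=yes
ldap passwd sync=yes
add machine script=/usr/sbin/smbldap-useradd -w "%u"
add group script=/usr/sbin/smbldap-groupadd -p "%g"
add user to group script=/usr/sbin/smbldap-groupmod -m "%u""%g"
delete user from group script=/usr/sbin/smbldap-groupmod -x "%u""%g"
set primary group script=/usr/sbin/smbldap-usermod -g "%g""%u"
##############################################
dns proxy = No
writable = yes
printing=cups
local master = Yes
printcap name=/etc/printcap
preferred master=yes
template homedir = /home/%U
template shell = /bin/bash
smbpasswd file =/etc/samba/smbpasswd
name resolve order = hosts wins lmhosts bcast
password server = *
create mode=700
directory mode=700
max log size = 0
[homes]
comment=Home Direcorites
#valid users=%D+%S
writeable=yes
read only = no
create mask = 0644
directory mask=0755
browseable=yes
[netlogon]
comment=Network Logon Services
path=/opt/samba/netlogon
[profiles]
path=/opt/samba/profiles
writable=yes
browseable=yes
create mode=0644
directory mode=0755
[Print$]
path = /etc/samba/printer
guest ok = yes
public = yes
read only = no
writeable = yes
browseable = yes
write list = captain root jingalls @root
[printers]
comment = All Printers
guest ok = yes
path = /var/spool/samba
printable = Yes
browseable = yes
[LexiaPBR]
comment=lexiahack
path=/Lexia
read only=no
guest ok=yes
EOF

echo "restart smb"
service smb restart
# smbpasswd -w stores the LDAP admin password in Samba's secrets database.
smbpasswd -w "$pw"
sleep 5
echo "get the sid"
SID=$(net getlocalsid "$shortened" | cut -d":" -f2 | cut -c2-)
echo "$SID"
echo "$shortened"

####################################THIS FAR FINE
echo "Step 6: Now build smbldap.conf"
# The backup suffix used to be the unset \$filename, so every run
# overwrote the same "smbldap.conf." file.
mv /etc/smbldap-tools/smbldap.conf "/etc/smbldap-tools/smbldap.conf.$FILENAME"
# cafile was written without its leading slash (a relative path).
cat <<EOF >/etc/smbldap-tools/smbldap.conf
slaveLDAP="127.0.0.1"
slavePort="389"
masterLDAP="127.0.0.1"
masterPort="389"
ldapTLS="0"
verify="none"
cafile="/etc/smbldap-tools/ca.pem"
clientcert="/etc/smbldap-tools/smbldap-tools.pem"
clientkey="/etc/smbldap-tools/smbldap-tools.key"
suffix="$suffix"
usersdn="ou=People,$suffix"
computersdn="ou=People,$suffix"
groupsdn="ou=Group,$suffix"
idmapdn="ou=idmap,$suffix"
#sambaUnixIdPooldn="cn=NextFreeUnixId"
sambaUnixIdPooldn="sambaDomainName=$shortened,$suffix"
scope="sub"
hash_encrypt="SSHA"
crypt_salt_format="%s"
userLoginShell="/bin/bash"
userHome="/home/%U"
userGecos="System User"
defaultUserGid="513"
defaultComputerGid="526"
skeletonDir="/etc/skel"
defaultMaxPasswordAge="55"
userSmbHome="\\\\$netbiosname\homes\%U"
userProfile="\\\\$netbiosname\profiles\%U"
userHomeDrive="F:"
userScript="startup.bat"
mailDomain="$domain"
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
mk_ntpasswd="/usr/local/sbin/mkntpwd"
SID="$SID"
###################################
EOF
# Was chmod 777: nobody but root needs to change this file.
chmod 644 /etc/smbldap-tools/smbldap.conf

##########################################################
echo "Step 7: Now add smbldap_bind.conf"
####################################
# This file holds the directory admin password in clear text, so both it
# and its backup are kept readable by root only. The backup used to go to
# the mistyped path /etc/smbldapsmbldap_bind.conf.<date>.
if [ -f "$BINDCONF" ]; then
  cp -p "$BINDCONF" "$BINDCONF.$FILENAME"
  chmod 600 "$BINDCONF.$FILENAME"
  rm -f "$BINDCONF"
fi
old_umask=$(umask)
umask 077
cat <<EOF >"$BINDCONF"
slaveDN="cn=root,$suffix"
slavePw="$pw"
masterDN="cn=root,$suffix"
masterPw="$pw"
EOF
umask "$old_umask"
chmod 600 "$BINDCONF"

#############################################################################
# step #8 build the skeleton database and load it
#############################################################################
{
  echo "dn: $suffix"
  echo "objectclass: top"
  echo "objectClass: dcObject"
  echo "objectclass: organization"
  echo "o: $domain"
  echo "dc: $shortened"
  echo
  # The hosts container used to be "dn: ou=Computer" with "ou: Hosts";
  # the RDN now matches the ou value and the nss_base_hosts line written
  # to /etc/ldap.conf further down.
  for unit in Aliases Ethers Group Hosts Netgroup Networks People \
    Protocols Rpc Services idmap; do
    ou_entry "$unit" "$suffix"
  done
} > "$LDIFDIR/base.ldif"
ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f "$LDIFDIR/base.ldif"

#############################################################################
# step #5, migrate data (disabled)
#############################################################################
# core data
#touch $LDIFDIR/passwd.ldif
#if [ -f $MIGRATEDIR/migrate_common.ph ]; then
# perl -i.ltsp -p -e "
# if (\$_ =~ /^.DEFAULT_MAIL_DOMAIN/i) {
#   s/=.*/= '$domain';/g;
# }
# if (\$_ =~ /^.DEFAULT_BASE/i) {
#   s/=.*/= '$suffix';/g;
# } " /usr/share/openldap/migration/migrate_common.ph
#
# for item in hosts protocols rpc services group ; do
#   touch $LDIFDIR/$item.ldif
#   if [ -x $MIGRATEDIR/migrate_$item.pl -a -f /etc/$item ]; then
#     $MIGRATEDIR/migrate_$item.pl /etc/$item $LDIFDIR/$item.ldif
#     ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f $LDIFDIR/$item.ldif
#   fi
# done
# if [ -x $MIGRATEDIR/migrate_passwd.pl -a -f /etc/passwd ]; then
#   $MIGRATEDIR/migrate_passwd.pl /etc/passwd $LDIFDIR/passwd.ldif
#   ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f $LDIFDIR/passwd.ldif
# fi
#fi
smbpasswd -w "$pw"
echo "passwd.ldif"
# samba data
#[ -f /etc/samba/smbpasswd ] && SMBPASS=/etc/samba/smbpasswd
#[ -f /etc/smbpasswd ] && SMBPASS=/etc/smbpasswd
#if [ "$SMBPASS" ]
#then
#pdbedit -i smbpasswd:$SMBPASS
#pdbedit -i smbpasswd:$SMBPASS -g
# get server's SID
#SID=`net getlocalsid | cut -d":" -f2`
# create the root & nobody group mappings
#net groupmap add sid=${SID}-512 unixgroup=root type=domain
#net groupmap add sid=S-1-5-32-546 unixgroup=nobody
#fi
echo "$SID"

#############################################################################
# step #6, setup /etc/ldap.conf & /etc/pam.d/system-auth
#############################################################################
authconfig --kickstart --enablecache --enableshadow --enablemd5 \
  --enableldap --enableldapauth --ldapserver localhost \
  --ldapbasedn "$suffix"
# /etc/ldap.conf has to be readable by every user for NSS lookups, so it
# must not contain credentials. The former "binddn cn=root,..."/"bindpw"
# pair is gone: ordinary lookups bind anonymously (the ACL above grants
# "by * read") and root uses rootbinddn with /etc/ldap.secret.
cat <<EOF >/etc/ldap.conf
host localhost
base $suffix
scope sub
pam_password crypt
ssl no
pam_password md5
####### custom settings ##################
rootbinddn cn=root,$suffix
nss_base_passwd ou=People,$suffix?sub
nss_base_shadow ou=People,$suffix?sub
nss_base_group ou=Group,$suffix?one
nss_base_hosts ou=Hosts,$suffix?one
nss_base_services ou=Services,$suffix?one
nss_base_networks ou=Networks,$suffix?one
nss_base_protocols ou=Protocols,$suffix?one
nss_base_rpc ou=Rpc,$suffix?one
####### end custom settings ##############
EOF
chmod 644 /etc/ldap.conf
# Was chmod 0666: the directory admin password was readable and writable
# by every local user.
old_umask=$(umask)
umask 077
printf '%s\n' "$pw" > /etc/ldap.secret
umask "$old_umask"
chmod 600 /etc/ldap.secret
if ! grep -q pam_mkhomedir /etc/pam.d/system-auth; then
  echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" >> /etc/pam.d/system-auth
fi
echo "END of original script"

#############################################################################
echo "NOW ADD TO STAFF skeleton datatbase"
#rm -rf $LDIFDIR
{
  ou_entry "Staff" "ou=People,$suffix"
  ou_entry "$shortened" "ou=Staff,ou=People,$suffix"
  ou_entry "Students" "ou=People,$suffix"
  for ((y = FIRST_YEAR; y <= LAST_YEAR; y++)); do
    echo "dn: ou=$y,ou=Students,ou=People,$suffix"
    echo "objectclass: organizationalUnit"
    echo "ou: $y"
    echo
  done
} > "$LDIFDIR/group.ldif"
ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f "$LDIFDIR/group.ldif"

echo "Now groups"
##################
{
  posix_group "Staff" 2050
  # This entry used to carry "cn: Staff", which does not match its own DN;
  # the staff home directories below are chgrp'ed to the group $shortened.
  posix_group "$shortened" 2051
  for ((y = FIRST_YEAR; y <= LAST_YEAR; y++)); do
    posix_group "$y" "$y"
  done
} > "$LDIFDIR/group2.ldif"
ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f "$LDIFDIR/group2.ldif"

################################################################
echo
echo "Done!"
echo
echo "Just as a reminder, here are the directory server's settings:"
echo
echo " Base dn: $suffix"
echo " administrative dn: $dn"
echo
echo
########################################################
echo "being sure nscd is running"
service nscd restart
smbldap-populate -a root
echo "Now root's samba password"
smbldap-usermod -u 0 root
printf '%s\n%s\n' "$pw" "$pw" | smbldap-passwd root
echo " Please wait while the ldif is prepared"

#################################################
# Next free uidNumber as recorded in the sambaUnixIdPool entry.
uid=$(ldapsearch -LL -x -h localhost -D "$dn" -w "$pw" -s sub \
  "(objectClass=sambaUnixIdPool)" uidNumber |
  sed -n 's/^uidNumber: *//p' | head -n 1)
case "$uid" in
  "" | *[!0-9]*)
    die "could not read the next free uidNumber from the directory, aborting"
    ;;
esac

##################################################
if [ -f "$LDIFDIR/People.ldif" ]; then
  mv "$LDIFDIR/People.ldif" "$LDIFDIR/People.$FILENAME"
fi

###############################################################
# Import the users. The loop reads the CSV through a redirect instead of
# "cat | while", so it runs in this shell and the uid counter survives
# without the old root-written, predictable /tmp/uid scratch file.
#
# NOTE(review): the password column of the CSV is read but not used; every
# account gets the same fixed sambaLMPassword/sambaNTPassword/userPassword
# values below, i.e. one shared initial password. Make sure users change it
# (or set per-user passwords with smbldap-passwd) before go-live.
home_names=()
home_groups=()
while IFS=, read -r first last year password name _ || [ -n "$first" ]; do
  # Drop a trailing carriage return left by spreadsheet exports.
  name=${name%$'\r'}
  # The login becomes part of a DN and of /home/<login>, which is later
  # copied to and chown'ed as root: refuse anything but a plain name.
  case "$name" in
    "" | .* | -* | *[!A-Za-z0-9._-]*)
      echo "skipping CSV line with unusable login name: '$name'" >&2
      continue
      ;;
  esac
  gid=$year
  #############echo "switching for Staff and Students"###############
  if [ "$year" = "$shortened" ]; then
    ou_path="$year,ou=Staff"
    gid=2051
  elif is_student_year "$year"; then
    # The old if/elif chain stopped at 2014 although OUs are created up
    # to 2016; all created years are accepted now.
    ou_path="$year,ou=Students"
  else
    echo "skipping $name: '$year' is neither $shortened nor $FIRST_YEAR-$LAST_YEAR" >&2
    continue
  fi
  #################################################################
  printf '%s\n' \
    "dn: cn=$name,ou=$ou_path,ou=People,$suffix" \
    "sambaLMPassword: B1208432F8D13F034A3B108F3FA6CB6D" \
    "sambaPrimaryGroupSID: $SID-$uid" \
    "displayName: $first $last" \
    "sambaLogonScript: $name.cmd" \
    "objectClass: top" \
    "objectClass: inetOrgPerson" \
    "objectClass: posixAccount" \
    "objectClass: sambaSAMAccount" \
    "userPassword:: e1NTSEF9L2FMV2RNYkFsMVZBanIwMWNjMjZCVER1MFFUc01jNnQ=" \
    "sambaLogonTime: 0" \
    "sambaHomeDrive: P:" \
    "uid: $name" \
    "uidNumber: $uid" \
    "cn: $name" \
    "sambaLogoffTime: 2147483647" \
    "sambaPwdLastSet: 1069876848" \
    "loginShell: /bin/bash" \
    "sambaAcctFlags: [UX]" \
    "sambaProfilePath: \\\\$netbiosname\\profiles\\$name" \
    "gidNumber: $gid" \
    "sambaPwdMustChange: 0" \
    "sambaNTPassword: 0C61039F010B2FBB88FE449FBF262477" \
    "gecos: $first $last" \
    "sambaPwdCanChange: 0" \
    "sambaSID: $SID-$uid" \
    "description: $first $last" \
    "homeDirectory: /home/$name" \
    "sambaKickoffTime: 2147483647" \
    "sn: $name" \
    "sambaHomePath: \\\\$netbiosname\homes" \
    "" >> "$LDIFDIR/People.ldif"
  uid=$((uid + 1))
  # Remember the validated login/group pair for the home-directory pass.
  home_names[${#home_names[@]}]=$name
  home_groups[${#home_groups[@]}]=$year
done < "$CSVFILE"
echo "leaving loop"
ldapadd -x -c -h localhost -D "$dn" -w "$pw" -f "$LDIFDIR/People.ldif"

#####################
#echo "Now reset NextFreeUnixId"
#(echo "dn: cn=NextFreeUnixId,$suffix"
#echo "gidNumber: 2020"
#echo "uidNumber: $uid"
#echo "objectClass:inetOrgPerson"
#echo "objectClass: sambaUnixIdPool"
#echo "sn: NextFreeUnixId"
#echo "cn: NextFreeUnixId"
#echo ) > $LDIFDIR/FreeUnix.ldif
#ldapmodify -x -h localhost -D "$dn" -w "$pw" -f $LDIFDIR/#FreeUnix.ldif
###################################################
echo "now reset sambaDomainName"
# NOTE(review): this LDIF has no changetype/replace lines; confirm that
# ldapmodify really updates uidNumber with it on the target version.
{
  echo "dn: sambaDomainName=$shortened,$suffix"
  echo "objectClass: sambaDomain"
  echo "objectClass: sambaUnixIdPool"
  echo "sambaDomainName: $shortened"
  echo "sambaSID: $SID"
  echo "uidNumber: $uid"
  echo "gidNumber: 1000"
  echo
} > "$LDIFDIR/FreeUnix.ldif"
ldapmodify -x -h localhost -D "$dn" -w "$pw" -f "$LDIFDIR/FreeUnix.ldif"

#########################################################
#this creates homedirs (only for the logins validated during the import)
for ((i = 0; i < ${#home_names[@]}; i++)); do
  name=${home_names[$i]}
  year=${home_groups[$i]}
  cp -r /etc/skel "/home/$name"
  echo "$name"
  echo "$year"
  sleep 3
  chown -R "$name" "/home/$name"
  chmod 700 "/home/$name"
  chgrp -R "$year" "/home/$name"
done

######################################
# Closing summary. The root password hash and the users' default password
# used to be printed here as well; secrets are no longer echoed.
echo "$FILENAME-should give current date"
echo "$domain-should give the domain you typed in"
#echo $pw
echo "$suffix the ldap version of the domain"
echo "$LDIFDIR-where the ldifs are put"
echo "$SLAPDCONF-location of slapd.conf"
echo "$MIGRATEDIR-location of migration scrpts"
echo "$uid"
echo "the default domain name is $defaultdm-name from /etc/sysconfig/network "
unset pw passwd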